[keycloak-user] Set client roles to registered users automatically once synced from source LDAP/DB

valsaraj pv valsarajpv at gmail.com
Thu May 17 23:20:21 EDT 2018


Do you have any links that will be helpful?

On Fri 18 May, 2018, 7:17 AM Subodh Joshi, <subodhcjoshi82 at gmail.com> wrote:

> I think admin-cli will help you regarding this, but the issue is that the
> documentation is not that good.
>
> On Thu, 17 May 2018, 22:43 valsaraj pv, <valsarajpv at gmail.com> wrote:
>
>> Hi,
>>
>> Here is the scenario:
>> A Java web application client registers users to a local LDAP/DB and sets
>> roles.
>> These users are periodically synced to Keycloak. Roles are also synced
>> once, as they are not changed often.
>> So when a user is registered in the local LDAP via the application, they are
>> also reflected in Keycloak, but they can't access the web application after
>> login via Keycloak.
>> The new users can access it only after client roles are set manually.
>> What is the best option to automate this? Is there any API to set client
>> roles?
>> If available, we can't write code to set the role in the registration method,
>> since the users will be synced to Keycloak only on the next sync. Then the
>> option is a delayed call which first ensures that the user has reached the
>> Keycloak DB and then sets the role.
>> Please share your thoughts!
>>
>> Thanks!
>>
>
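
One way to implement the delayed call described in the question, as an added example that is not part of the original thread or of Keycloak's own code: poll the Keycloak Admin REST API until the synced user exists, then map the client role. The function names, the injectable `call` transport, and the retry defaults are assumptions, and `token` is assumed to be an admin access token limited to looking up users and clients and managing role mappings.

```python
import json
import time
from urllib import parse, request


def http_json(method, url, token, body=None):
    """Send one authenticated JSON request; return the parsed body or None."""
    data = json.dumps(body).encode() if body is not None else None
    req = request.Request(url, data=data, method=method, headers={
        "Authorization": "Bearer " + token,
        "Content-Type": "application/json"})
    with request.urlopen(req, timeout=10) as resp:
        raw = resp.read()
    return json.loads(raw) if raw else None


def grant_client_role_when_synced(base, realm, token, username, client_id,
                                  role_name, call=http_json, attempts=10,
                                  delay=30, sleep=time.sleep):
    """Poll until `username` exists in Keycloak, then map one client role.

    Returns True once the role is mapped, False if the user never appeared.
    `base` is the server root (older releases include the /auth suffix).
    """
    admin = f"{base}/admin/realms/{parse.quote(realm, safe='')}"
    user = None
    for attempt in range(attempts):
        query = parse.urlencode({"username": username})
        hits = call("GET", f"{admin}/users?{query}", token) or []
        # The search can return partial matches, so require an exact one.
        user = next((u for u in hits
                     if u["username"].lower() == username.lower()), None)
        if user or attempt == attempts - 1:
            break
        sleep(delay)  # user not synced yet; wait for the next sync window
    if user is None:
        return False
    query = parse.urlencode({"clientId": client_id})
    clients = call("GET", f"{admin}/clients?{query}", token) or []
    if not clients:
        raise LookupError(f"client {client_id!r} not found in realm {realm!r}")
    client_uuid = clients[0]["id"]  # internal id, not the clientId string
    role = call("GET", f"{admin}/clients/{client_uuid}/roles/"
                       f"{parse.quote(role_name, safe='')}", token)
    # Role mappings are added by POSTing a list of role representations.
    call("POST", f"{admin}/users/{user['id']}/role-mappings/clients/"
                 f"{client_uuid}", token, [role])
    return True
```

Returning False when the user never appears lets the caller log and retry on the next sync cycle instead of granting the role to a near-match account.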

